Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Management & Strategy

Obama Launches Cybersecurity ‘Action Plan’

Cybersecurity National Action Plan

Cybersecurity National Action Plan

President Barack Obama on Tuesday unveiled a new cybersecurity “national action plan” calling for an overhaul of aging government networks and a high-level commission to boost security awareness.

The announcement responds to an epidemic of data breaches and cyber attacks on both government and private networks in recent years, and passage last year of a cybersecurity bill that aims to facilitate better threat sharing.

Obama asked for $19 billion for cybersecurity efforts in his budget request, a 35 percent increase from current levels, with $3 billion earmarked to help modernize the patchwork of computer systems used in government agencies.

“It is no secret that too often government IT is like an Atari game in an Xbox world,” Obama said in a column in the Wall Street Journal.

“The Social Security Administration uses systems and code from the 1960s. No successful business could operate this way. Going forward, we will require agencies to increase protections for their most valued information and make it easier for them to update their networks.”

Obama said his plan would “address both short-term and long-term threats, with the goal of providing every American a basic level of online security.”

The moves come after disclosures last year that personal data from some 20 million federal employees, contractors and others had been leaked in a massive breach at the Office of Personnel Management.

That followed news of attacks hitting health care networks, retailers and others affecting tens of millions more, and a devastating cyber attack on Sony Pictures.

Advertisement. Scroll to continue reading.

“These cyberthreats are among the most urgent dangers to America’s economic and national security,” Obama said.

“That’s why, over the past seven years, we have boosted cybersecurity in government — including integrating and quickly sharing intelligence about cyberthreats — so we can act on threats even faster.”

Obama issued an executive order creating a 12-member cybersecurity commission to make recommendations to both the public and private sectors.

The panel is to issue a report to the president by December 1.

New Cybersecurity Chief

A White House statement said the plan calls for a new federal chief information security officer to direct cybersecurity across the federal government.

The White House said it would also step up efforts with the private sector to help consumers improve online security, in part by adding new protection to services requiring passwords.

A new campaign will be calling for “moving beyond just passwords and adding an extra layer of security,” such as biometric identification or multi-factor authentication using a secure code, according to the White House.

The national cybersecurity awareness campaign “will include major technology firms such as Google, Facebook, Dropbox, and Microsoft” as well as financial service providers such as MasterCard, Visa and PayPal.

The government will also step up security for its own transactions with citizens with “effective identity proofing and strong multi-factor authentication methods,” the White House said.

The announcements were made on “Safer Internet Day,” designated by governments and technology firms to boost awareness of cybersecurity issues.

Separately Tuesday, US intelligence chief James Clapper told a Senate hearing that cyber threats were growing amid a wider adoption of connected devices and new systems that rely on artificial intelligence.

Clapper said “smart” Internet of Things (IoT) devices for autonomous vehicles, household appliances and systems such as electric power grids can open up new vulnerabilities for hacking.

“In the future, intelligence services might use the IoT for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,” Clapper said in prepared testimony.

He added that increased reliance on artificial intelligence “is creating new vulnerabilities to cyberattacks and influence operations,” adding that these systems “are susceptible to a range of disruptive and deceptive tactics that might be difficult to anticipate or quickly understand.”

The intelligence chief named Russia, China, Iran and North Korea as “leading threat actors” which pose risks for US security.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.

Management & Strategy

SecurityWeek examines how a layoff-induced influx of experienced professionals into the job seeker market is affecting or might affect, the skills gap and recruitment...

Cybersecurity Funding

2022 Cybersecurity Year in Review: Top news headlines and trends that impacted the security ecosystem